I found a lightweight analysis of the Hilary Rodham Clinton e-mail server controversy Hillary Clinton’s ‘emailgate’ diced and sliced - BBC News. I’m particularly amused by the inclusion of the word ‘emailgate’ (including the quote marks). Ah, thank goodness. A journalist who gets the ‘-gate’ suffix joke.

I say it was a lightweight analysis because although it covers a number of issues (was Ms Clinton acting illegally?, was the server secure?) it fails to go into any depth on these and some other more important issues.

One particular phrase caught my eye on first reading the article. It related to and contradicted Ms Clinton’s self-asserted ‘convenience’ motivation for running the e-mail server. It stated: ‘Sceptics have countered that the real reason Mrs Clinton established her own e-mail system was because it gave her total control over her correspondence.’.

Well, that’s an opinion which I think has some merit. But let’s just think about that for a moment.

Did she drive down to her local branch of Staples (in Mt. Kisco, NY), buy a PC, bring it home and sit it in her utility room, connect it to her home broadband and install e-mail server software? Perhaps she even read a book about it first?

Of course not.

Did she buy a pre-configured Windows Small Business Server (now Windows Server Essentials) from one of the major manufacturers and plonk that in her sitting room?

I very much doubt it.

Or did she perhaps have someone set this up for her? Someone she trusted for some reason? Perhaps someone who she trusted to address such things as security against network intrusion, continuity of service, security against loss of data, control over content and senders?

I think the latter is far more likely. Ms Clinton is wealthy and I can well believe that she has employees who are really very capable and trustworthy. So no, I don’t believe it was because having her own service gave her total control over her correspondence - just more control than the @state.gov address she was offered.

So why would she refuse to use the @state.gov account? Something sinister there, surely?

Ms Clinton has stated that keeping some correspondence off the state system was indeed part of her motivation. In particular her private correspondence - nothing sinister there… However, I can also imagine that there might be relatively informal discussions with various people which she would not want to be recorded until opinions are more fully formed, issues explored and contributory information gathered. Similar to office discusions around the water cooler or coffee machine but without those involved having to be in the same place or thinking about the same issue at the same time.

Some may argue that that is precisely what is wrong - that all her decision making processes should have been subject to record and subsequent scrutiny; a stance which I think is barking mad. If that is what is required then it stifles the use of all recorded correspondence (e-mail, telephone, meeting minutes etc) in the decision making processes and promotes cronyism - where you have to be already inside the trusted circle just to get to float an idea. As a side issue, I suspect that President Obama, who is alleged by some to spend too much time on the golf course, does so precisely so that he can have discussions with minimal record keeping and so that half-formed ideas and opinions can be floated and tested without anyone looking foolish.

There are plenty of examples of other reasons why Ms Clinton might not want some correspondence on the official record. Let’s start off with a US Army private accessing and distributing hundreds of thousands of pages of diplomatically sensitive documents - which although they may have been stored in some ultra-secure datacentre were accessed from an insecure PC in a recent war-zone with minimal infrastructure. We’ll move on to the US National Security Agency employing an IT contractor who accessed and distributed sensitive documents about what the agency does and how it does it. As a final pair of examples let’s mention the 2014 intrusion into the State Department’s e-mail system and the subsequent intrusion into systems serving the White House.

Of course I’m not suggesting Ms Clinton’s decision to have a private e-mail service set up was influenced by events that had not yet happened. Nor am I suggesting that these might be her only motivations. I’m also sure she’s smart enough never to say this aloud but I am defintely suggesting that she knew then that systems are only ever as trustworthy as the people who run and have access to them - and that she trusted her own employees more than the state’s.

But it was illegal!

Various agencies have examined the situation. Some reports have been critical of her use of the private service. There have been reports of classified information being exchanged without proper classification markings and without using approved channels - including information that should have been handled as ‘Top Secret’. However, the FBI has recommended against prosecution and the Justice Department has said that they intend to follow the FBI’s recommendation.

No, it was not illegal. It may have been foolish - but I don’t think so.

If the State Department does decide that she violated government policy in her handling of classified information she may get a formal letter of reprimand and/or loss of security clearance.

Can you imagine if she wins the 2016 Presidential election?: ‘I’m sorry Ms President I can’t discuss this with you - you don’t have security clearance.’.

But her server could have been hacked and the e-mails leaked!

Agreed - but the vast majority of so-called ‘hacks’ are nothing more than password guessing or stealing. The great advantage of using her own (relatively) small, private service is that her employees were likely to be in no doubt as to who could authorise access or change access rights and would spot a con-artist a mile off. I also think that if the service had been hacked the correspondence would have been leaked. That said, Ms Clinton’s e-mails are currently being pored over in the media precisely because she handed them over to the state… We have no details of what server software and ancillary protections were set up for Ms Clinton or details of how it was configured or administered or the access protocols. We do get hints that the service was restricted to a few individuals that she trusted in that ‘She also reportedly set up e-mail addresses on the server for her long-time aide, Huma Abedin, and State Department Chief of Staff Cheryl Mills.’.

She accessed her server through her smartphone! That’s really insecure!

Yes, probably. That said, I’d be surprised if Ms Clinton also accessed social media accounts or installed Sweety Smash or Irate Avians or similar time-wasters or engaged in other similarly risky behaviour with her device. I’d bet (a small amount) that we will never see her tracking down and capturing Minature Miscreations while intently staring at her smartphone screen as she wanders head-down and mumbling through the streets. I’d also bet that she doesn’t allow built-in mapping software to track her device’s location. I might be wrong - but I doubt it.

The whole furore highlights and discredits the one-size-fits-all governance model that state authorities adopt. The State Department officials wanted all written communications to reside on their services on their terms. Ms Clinton recognised that different correspondence required different handling methods and trusted her own judgement and employees more than the State Department’s. She wanted some of her communications off the state system and chose what to send into the official record by selecting what correspondence to send to other users of that system. Ms Clinton established and used a private service to keep her stuff private to herself and to those she chose to trust - a concept which many others should seriously consider.

Update 3-Sep-2016: OK. Mostly wrong (or dare I say, only partially right? Nah, thought not.).

US FBI documents show that Ms Clinton had an employee arrange to have an Apple Server (OS X Server) set up during 2007. Depending on when in the year it was installed the then current version was either V10.4 (Tiger) or V10.5 (Leopard). Both versions included Postfix mail server and Cyrus IMAP server - which both remain well respected e-mail server software components in 2016.

The trouble is that another employee (an ‘information technology specialist’) replaced the server in about March 2009 with something else - all we can glean about what it was is summed up by the statement that ‘on December 3, 2013, Microsoft Exchange was uninstalled’. Yes, it seems the employee replaced Postfix/Cyrus with Exchange… I told you Ms Clinton was wealthy! Although it’s not mentioned in the report we can hope that considering Ms Clinton’s apparent preference for BlackBerry mobile devices he also installed BlackBerry Enterprise Server (BES) - but who knows? What is revealed is that around 4 years later this employee ‘expressed [a] desire to seek new employment’ and this circumstance contributed to the decision to outsource. It appears the employee was so loyal as to give a great deal of notice of his intention to move on.

In mid-2013 provision of the service was outsourced and the server was moved out of Ms Clinton’s home to a caged area in a secure datacentre before the service was transferred to yet another server. No details of the e-mail software platform on the third server is mentioned, but there is mention of the use of an Intrusion Detection/Prevention System (IDS/IPS, CloudJacket) and reference to the old firewall remaining at Ms Clinton’s home. As part of the outsource arrangement Ms Clinton requested that e-mail on the new service should be encrypted - but this was not done. It appears she did not trust the contractors as much as she trusted her employees. It also seems that server backups were intended to be held only within the datacentre cage but were later found to have been replicated to a cloud service. Maybe she was right not to trust them.

The report also makes reference to Ms Clinton often changing her mobile device - 13 devices over a period of a few years which may have been used to handle e-mail. Two are believed to have been physically destroyed but Ms Clinton and her employees do not know where the other 11 went. That’s definitely poor security.

One thing my original post was right about - Ms Clinton was not downloading random bits of software onto her pocket computer. She used BlackBerrys and it appears she had employees set them up for her and replace them when they went wrong.